Most interesting. That top 10 spammers list also. Sheesh -- one would think since they are known and documented so well, something could be done to stop them, but I guess that's wishful thinking._________________Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn.

I would think that many mail admins block all Turkish IPs for obvious reasons.

Why would a responsible mail admin want to block all of Turkey? This approach makes no sense to me, because you can easily pinpoint rogue networks and block them by merely looking up the ip addresses or routing. By the same logic, admins in Europe should have blocked all US address ranges some time ago, because they were home to Intercage and McColo. When the goal is to stop spam from reaching your user's inboxes, then you adjust your iptables or deny rules for that specific network and move on.

This can as well be caused by customers moving to another hoster, because they no longer can get through anywhere. As Sistemnet has been on Spamhaus' DROP list for a while, their connectivity to other networks is rather limited and of little use for criminals, unless they use tons of proxy servers to spam through. Sometimes rogue networks "terminate" a customer who was on their "purge" list anyway, because he was generating too many complaints and media attention. Them pretending to do something can keep all those commerce hostile entities from their back for a while (making them happy with a "kill confirmation" and the illusion of being powerful spammer fighters)

Why would a responsible mail admin want to block all of Turkey? This approach makes no sense to me, because you can easily pinpoint rogue networks and block them by merely looking up the ip addresses or routing. By the same logic, admins in Europe should have blocked all US address ranges some time ago, because they were home to Intercage and McColo. When the goal is to stop spam from reaching your user's inboxes, then you adjust your iptables or deny rules for that specific network and move on.

*Some* mail admins are very zealous about blocking entire ISPs, those in Turkey or where ever. I am sure a few of such BOFH (mail admins) post on nanae, so if you are familiar with their ramblings, you will see how sensible they can be. A few of them think would think it is reasonable to block a /9 network.

I know what you mean about the US and Europe. If you go by Spamhaus or Spamcop statistics in terms of the volume of spam, North America and Europe are major spam sources.

*Some* mail admins are very zealous about blocking entire ISPs, those in Turkey or where ever. I am sure a few of such BOFH (mail admins) post on nanae, so if you are familiar with their ramblings, you will see how sensible they can be.

Oh yes.... Some NANAE posters are known for quite simplistic views on the spam problem and think they can interpolate from their 2 users + 3 cats mailswerver that does not send mail to anyone outside a radius of 50 miles to the rest of the world. Their ramblings should not be taken seriously and in general, NANAE should not be considered an authoritative source for solutions to spam problems. Much of these postings are driven by the desire for finding a scapegoat for the poster's inabillity of properly blocking and filtering spam sources. Sometimes this is just a "who's the most relentless spammer fighter" contest, often celebrated by the same entities that keep picking up fights with resident trolls...

Responsible mail admins know about travelling users or other mail from abroad that can be proven useful:
Just think of an abuse notification sent by someone in a blocked /8 range - it may be the only notification about a hacked website being abused by spammers and malware peddlers you'll get...

Often, you simply cannot block mail from an entire country, because the scope of your website/company is global. I for one know I couldn't and didn't want to.

Quote:

I know what you mean about the US and Europe. If you go by Spamhaus or Spamcop statistics in terms of the volume of spam, North America and Europe are major spam sources.

In the end such "block all of [$continent]" "recommendations" boil down to "the pot calling the kettle black" and don't get much accomplished, except putting off people who really want to do something about preventing spam. Botnet spam is a problem, especially in Europe where port 25 blocking is the exception rather than the rule, but at the same time it's one of the easiest spam sources to get rid of. With Spamhaus' PBL you can stop those in their tracks at SMTP time without wasting processor cycles on content analysis.